Paid content will be excluded from the download.
Matches : 909
The software reads data past the end, or before the beginning, of the intended buffer.
The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations prior to the targeted buffer.
Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
Storing a plaintext password in a configuration file allows anyone who can read the file access to the password-protected resource making them an easy target for attackers.
The software parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
This entry has been deprecated because it was a duplicate of CWE-170. All content has been transferred to CWE-170.
Weaknesses in this category are related to the creation and modification of strings.